Tom Eastep
2007-Dec-27 20:19 UTC
Correction to instructions for installing Shorewall under Cygwin
The instructions in the release notes packaged with 4.1.3 are incorrect. The release notes at http://www1.shorewall.net/pub/shorewall/development/4.1/shorewall-4.1.3/releasenotes.txt have been corrected. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Hi everybody, I think I''ve found a bug in shorewall-perl putting this line in tcrules RESTORE 0.0.0.0/0 0.0.0.0/0 all - - - 0 correctly generates this -A tcpre -m mark --mark 0x0/0xffff -j CONNMARK --restore-mark --mask 0xff on shorewall-shell but on shorewall-perl, generates this -A tcpre -j CONNMARK --restore-mark --mask 0xff which unconditionally restores the mark, overwriting any previous one, making example 6 in http://www.shorewall.net/traffic_shaping.htm#tcrules invalid Thanks ;) Pablo. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Pablo Sebastián Greco wrote:> Hi everybody, I think I''ve found a bug in shorewall-perl > putting this line in tcrules > > RESTORE 0.0.0.0/0 0.0.0.0/0 all - - - 0 > correctly generates this > > -A tcpre -m mark --mark 0x0/0xffff -j CONNMARK --restore-mark --mask 0xff > > on shorewall-shell but on shorewall-perl, generates this > > -A tcpre -j CONNMARK --restore-mark --mask 0xffThe attached patch corrects the problem. Thanks! -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Tom Eastep wrote:> Pablo Sebastián Greco wrote: > >> Hi everybody, I think I''ve found a bug in shorewall-perl >> putting this line in tcrules >> >> RESTORE 0.0.0.0/0 0.0.0.0/0 all - - - 0 >> correctly generates this >> >> -A tcpre -m mark --mark 0x0/0xffff -j CONNMARK --restore-mark --mask 0xff >> >> on shorewall-shell but on shorewall-perl, generates this >> >> -A tcpre -j CONNMARK --restore-mark --mask 0xff >> > > The attached patch corrects the problem. > > Thanks! > -Tom >Perfect!!, now the only difference I see is the mark mask (0xFFFF in shorewall-shell against 0xFF in shorewall-perl), it doesn''t interfere with my problem, but just thought I should point that. Thanks for the great work!!! Pablo. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Pablo Sebastián Greco wrote:>> > Perfect!!, now the only difference I see is the mark mask (0xFFFF in > shorewall-shell against 0xFF in shorewall-perl), it doesn''t interfere > with my problem, but just thought I should point that.If that difference bothers you, apply the attached patch.> Thanks for the great work!!!You''re welcome. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/